From 791ca585bcf486a0115e7ea04548c17dba3bd589 Mon Sep 17 00:00:00 2001
From: Alexander Grahn <agrahn@users.noreply.github.com>
Date: Sat, 3 Aug 2024 16:21:44 +0200
Subject: [PATCH 1/5] more robust switch actions in pgp settings

---
 .../passwordstore/ui/settings/PGPSettings.kt  | 81 +++++++++++++------
 app/src/main/res/values/strings.xml           |  1 +
 2 files changed, 56 insertions(+), 26 deletions(-)

diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index c21036ed9..4a7c52abc 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -17,7 +17,6 @@ import app.passwordstore.util.extensions.sharedPrefs
 import app.passwordstore.util.features.Feature
 import app.passwordstore.util.settings.PreferenceKeys
 import de.Maxr1998.modernpreferences.PreferenceScreen
-import de.Maxr1998.modernpreferences.helpers.onCheckedChange
 import de.Maxr1998.modernpreferences.helpers.onClick
 import de.Maxr1998.modernpreferences.helpers.pref
 import de.Maxr1998.modernpreferences.helpers.switch
@@ -47,27 +46,44 @@ class PGPSettings(
         titleRes = R.string.pref_passphrase_cache_title
         summaryRes = R.string.pref_passphrase_cache_summary
         defaultValue = false
-        onCheckedChange { checked ->
-          if (checked) {
-            if (BiometricAuthenticator.canAuthenticate(activity)) {
-              BiometricAuthenticator.authenticate(
-                activity,
-                R.string.pref_passphrase_cache_authenticate_enable,
-              ) {
-                if (!(it is BiometricAuthenticator.Result.Success))
+        onClick {
+          if (BiometricAuthenticator.canAuthenticate(activity)) {
+            var promptTitle = R.string.pref_passphrase_cache_authenticate_disable
+            if (checked) promptTitle = R.string.pref_passphrase_cache_authenticate_enable
+            BiometricAuthenticator.authenticate(activity, promptTitle) { result ->
+              when (result) {
+                is BiometricAuthenticator.Result.Success -> {
+                  /* Any successful change of this setting clears the passphrase
+                   * cache for safety */
+                  activity.lifecycleScope.launch {
+                    passphraseCache.clearAllCachedPassphrases(activity)
+                  }
                   activity.sharedPrefs.edit {
-                    putBoolean(Feature.EnablePGPPassphraseCache.configKey, false)
+                    putBoolean(Feature.EnablePGPPassphraseCache.configKey, checked)
                   }
+                  if (!checked)
+                    activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+                }
+                is BiometricAuthenticator.Result.Retry -> {}
+                else -> {
+                  /* revert back to previous state in case of error or cancellation */
+                  checked = !checked
+                  activity.sharedPrefs.edit {
+                    putBoolean(Feature.EnablePGPPassphraseCache.configKey, checked)
+                  }
+                }
               }
-            } else
-              activity.sharedPrefs.edit {
-                putBoolean(Feature.EnablePGPPassphraseCache.configKey, false)
-              }
+            }
           } else {
-            activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
-            activity.lifecycleScope.launch { passphraseCache.clearAllCachedPassphrases(activity) }
+            /* we may get here if device lock has been disabled while PGP settings
+             * screen was left open */
+            checked = false
+            enabled = false
+            activity.sharedPrefs.edit {
+              putBoolean(Feature.EnablePGPPassphraseCache.configKey, false)
+            }
           }
-          true
+          false
         }
       }
       switch(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) {
@@ -81,26 +97,39 @@ class PGPSettings(
          * authentication, otherwise the app crashes. Thus, the bad user could still bypass cache
          * clearing by dismissing the auhentication dialog. To prevent this, we enforce cache
          * clearing to stay enabled in case of any authentication failure. */
-        onCheckedChange { checked ->
+        onClick {
           if (!checked) {
-            if (BiometricAuthenticator.canAuthenticate(activity)) {
+            if (
+              BiometricAuthenticator.canAuthenticate(activity) &&
+                activity.sharedPrefs.getBoolean(Feature.EnablePGPPassphraseCache.configKey, false)
+            ) {
               BiometricAuthenticator.authenticate(
                 activity,
                 R.string.pref_passphrase_cache_auto_clear_authenticate_disable,
-              ) {
-                if (it is BiometricAuthenticator.Result.Success) {
-                  activity.lifecycleScope.launch {
-                    passphraseCache.clearAllCachedPassphrases(activity)
+              ) { result ->
+                when (result) {
+                  is BiometricAuthenticator.Result.Success -> {
+                    activity.sharedPrefs.edit {
+                      putBoolean(PreferenceKeys.CLEAR_PASSPHRASE_CACHE, false)
+                    }
+                    activity.lifecycleScope.launch {
+                      passphraseCache.clearAllCachedPassphrases(activity)
+                    }
+                  }
+                  is BiometricAuthenticator.Result.Retry -> {}
+                  else -> {
+                    activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+                    checked = true
                   }
-                } else {
-                  activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
                 }
               }
             } else {
               activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+              checked = true
+              enabled = false
             }
           }
-          true
+          false
         }
       }
     }
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index a971006ed..5c2a7b930 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -138,6 +138,7 @@
   <string name="pref_passphrase_cache_title">Enable passphrase caching</string>
   <string name="pref_passphrase_cache_summary">WARNING: this feature is functional but very experimental. Requires an active screen lock.</string>
   <string name="pref_passphrase_cache_authenticate_enable">Authenticate to enable cache</string>
+  <string name="pref_passphrase_cache_authenticate_disable">Authenticate to disable cache</string>
   <string name="pref_passphrase_cache_auto_clear_authenticate_disable">Authenticate to disable cache clearing</string>
   <string name="pref_passphrase_cache_auto_clear_title">Automatically clear passphrase cache</string>
   <string name="pref_passphrase_cache_auto_clear_summary">Clears the passphrase cache when the screen is turned off</string>

From bf28b061e9bfdc2a472ee493f2bb1be57e806903 Mon Sep 17 00:00:00 2001
From: agrahn <agrahn@users.noreply.github.com>
Date: Sat, 3 Aug 2024 17:25:05 +0200
Subject: [PATCH 2/5] Update
 app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: agrahn <agrahn@users.noreply.github.com>
---
 .../main/java/app/passwordstore/ui/settings/PGPSettings.kt    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index 4a7c52abc..ccae352d2 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -48,8 +48,8 @@ class PGPSettings(
         defaultValue = false
         onClick {
           if (BiometricAuthenticator.canAuthenticate(activity)) {
-            var promptTitle = R.string.pref_passphrase_cache_authenticate_disable
-            if (checked) promptTitle = R.string.pref_passphrase_cache_authenticate_enable
+            val promptTitle = if (checked) R.string.pref_passphrase_cache_authenticate_enable else R.string.pref_passphrase_cache_authenticate_disable
+            
             BiometricAuthenticator.authenticate(activity, promptTitle) { result ->
               when (result) {
                 is BiometricAuthenticator.Result.Success -> {

From fc1439ad5bbdd7f9e4e948a3107f1a0fef2b3636 Mon Sep 17 00:00:00 2001
From: agrahn <agrahn@users.noreply.github.com>
Date: Sat, 3 Aug 2024 17:31:38 +0200
Subject: [PATCH 3/5] Update
 app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: agrahn <agrahn@users.noreply.github.com>
---
 app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index ccae352d2..1f97c3c42 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -60,6 +60,7 @@ class PGPSettings(
                   }
                   activity.sharedPrefs.edit {
                     putBoolean(Feature.EnablePGPPassphraseCache.configKey, checked)
+                    if (!checked) remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE)
                   }
                   if (!checked)
                     activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }

From e418db326495c32c863d2cf6116c91d5ed735def Mon Sep 17 00:00:00 2001
From: agrahn <agrahn@users.noreply.github.com>
Date: Sat, 3 Aug 2024 17:33:49 +0200
Subject: [PATCH 4/5] Update
 app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: agrahn <agrahn@users.noreply.github.com>
---
 app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt | 2 --
 1 file changed, 2 deletions(-)

diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index 1f97c3c42..69943176b 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -62,8 +62,6 @@ class PGPSettings(
                     putBoolean(Feature.EnablePGPPassphraseCache.configKey, checked)
                     if (!checked) remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE)
                   }
-                  if (!checked)
-                    activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
                 }
                 is BiometricAuthenticator.Result.Retry -> {}
                 else -> {

From 7d7856a96b9534a9a21740ce8792799fa6c507e6 Mon Sep 17 00:00:00 2001
From: Alexander Grahn <agrahn@users.noreply.github.com>
Date: Sat, 3 Aug 2024 17:52:46 +0200
Subject: [PATCH 5/5] formatting fixed (ktfmtFormat)

---
 .../main/java/app/passwordstore/ui/settings/PGPSettings.kt  | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index 69943176b..60c9929b0 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -48,8 +48,10 @@ class PGPSettings(
         defaultValue = false
         onClick {
           if (BiometricAuthenticator.canAuthenticate(activity)) {
-            val promptTitle = if (checked) R.string.pref_passphrase_cache_authenticate_enable else R.string.pref_passphrase_cache_authenticate_disable
-            
+            val promptTitle =
+              if (checked) R.string.pref_passphrase_cache_authenticate_enable
+              else R.string.pref_passphrase_cache_authenticate_disable
+
             BiometricAuthenticator.authenticate(activity, promptTitle) { result ->
               when (result) {
                 is BiometricAuthenticator.Result.Success -> {